---
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: &app cloudflare-dns
spec:
  chartRef:
    kind: OCIRepository
    name: cloudflare-dns
  interval: 1h
  values:
    fullnameOverride: *app
    provider: cloudflare
    env:
      - name: CF_API_TOKEN
        valueFrom:
          secretKeyRef:
            name: &secret cloudflare-dns-secret
            key: api-token
    extraArgs:
      - --cloudflare-dns-records-per-page=1000
      - --cloudflare-proxied
      - --crd-source-apiversion=externaldns.k8s.io/v1alpha1
      - --crd-source-kind=DNSEndpoint
      - --gateway-name=envoy-external
    triggerLoopOnEvent: true
    policy: sync
    sources: ["crd", "gateway-httproute"]
    txtPrefix: k8s.
    txtOwnerId: default
    domainFilters: ["${SECRET_DOMAIN}"]
    serviceMonitor:
      enabled: true
    podAnnotations:
      secret.reloader.stakater.com/reload: *secret
